AMEND] DO WW St ! 



1 1 . (currently amended) A portable computing device for opening a door, comprising. 

2 a memory, wherein a content of the memory compri ses: 

3 a first copy of a shared secret key; 

4 a first standard certificate, wherein the first standard certificate is being 

5 used in responding to a challenge of the door; and 

6 means for communi eating with the door, wherein the door possesses a second 

7 copy of the shared secret key, and wherein the door adapted to validate identical ness of 

8 the first and the second copies of the shared secret key, and wherein the door further 

9 adapted to issue the challenge on r-nJo'nk selected occasions to the computing device. 

1 2 . (currently amended) The computing device of claim 1 , wherein the first standard 

2 certificate is having a private key part and the private key part is being encrypted with a 

3 first biometric key, wherein the first biometric key belongs to a rightful owner of the 

4 computing device , wherein the computing device further comprising a biometric device, 

5 wherein.the.biojnetdcdevic 

6 the second biometric key beiongs to a user of the computing device, and wherein the 

7 second btoni et c I • >i sgd to decrypt the private, key part of the first standard 

8 certificate . 
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1 3. (canceled) 

1 4. (original) A method for secure unlocking of a door based on a shared secret key, 

2 comprising the steps of. 

3 providing a portable computing device, wherein the computing device is equipped 

4 with a memory, and the memory holds a first copy of the shared secret key and a .first 

5 standard certificate, wherein the computing device is adapted for performing operations 

6 with shared secret keys and standard certificates, and wherein the computing device is 

7 also having means for communicating with the door; 

8 communicating by the computing device to the door a device identifier; 

9 issuing a challenge by the door to the computing device, wherein the challenge is 

1 0 issued only on randomly selected occasions; 

1 1 responding to the challenge by the computing device by demonstrating possession 

1 2 of a private key pari of the first standard certificate, 

1.3 responding by the door with a door identifier and with a message, wherein the 

14 message is encrypted with a second copy of the shared secret key, and wherein using the 

1 5 second copy of the shared secret key for encrypting the message resulted from 

16 recognizing the device identifier communicated by the computing device; 

17 responding by the computing device with a signal attesting decryption of the 

18 message wherein the i les - ige ha been i e< • .;<ted in the computing device by the first 

1 9 copy of the shared secret key, and wherein using the first copy of the shared secret key 

20 for decrypting the message resulted from recognizing the door identifier transmitted by 
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1 the door; and 

2 unlocking the door upon recognizing validity of the signal attesting decryption of 

3 the message. 

1 5. (original) The method of claim 4, wherein the device identifier is a hash code of the 

2 first standard certificate. 

1 6. (original) The method of claim 4, wherein the door identifier is a simple identifier and 

2 it is sent without encryption . 

1 7. (original) The method of claim 4, wherein the door has a second standard certificate, 

2 and the door identifier is a hash code of the second standard certificate. 

1 8. (original) The method of claim 4, wherein the shared secret key is generated by the 

2 door and communicated with the computing device in private using a public key part of 

3 the fi rst standard certificate. 

.1 9. (original) The method of claim 4, wherein the private key part of the first standard 

2 certificate is encrypted with a first biometric key, wherein the first biometrie key belongs 

3 to a rightful owner of the computing device, and wherein the computing device is 

1 provided with a biometric device, and wherein the step of responding to the challenge 
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1 further comprise the steps of: 

2 taking a bioraetric reading of a user of the computing device; 

3 generating a second bioraetric key using the hiometric reading; and 

4 decrypting the encrypted private key part of the first standard certificate using the 

5 second bioraetric key. whereby if the first arid second hiometric keys are identical the 

6 decrypting using the second hiometric key is successful, and the challenge can he 

7 successfully responded. 

1 10. (currently amended) A security system for controlling access, comprising a first 

2 plurality of doors and a second plurality of portable computing devices for opening 

3 doors, each computing device equipped with a memory, wherein any one of the 

4 computing devices holds in its memory a unique first standard certificate, and wherein 

5 the any one computing device further holds in its memory door identifiers for all those 

6 doors out of the first plurality of doors that the any one computing device i s permitted to 

7 open, and wherein each of the door identifier is uniquely linked to a first copy of a shared 

8 secret key, wherein any one of the doors possesses a matching information for each one 

9 of those computing devices out of the second plurality of computing devices that are 

1 0 permitted to open the any one door, wherein the snatching information comprises a 

1 1 devi ce identifier, wherein the device identifier is linked to a public key pan of the unique 

1 2 first standard certificate and to a second copy of the shared secret key, and wherein the 

13 first plurality of doors and the second plurality of computing devices have means for 
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1 commimicatmg between any device and any door, and wherein the any one door is 

2 adapted to recognize the device identifier, and further adapted to use the matching 

3 information to validate identicalness of the first and the second copies of the shared 

4 secret key, and to issue a challenge on randomly selected occasions to the unique first 

5 standard certificate using the public key part of the unique fust standard certificate. 

1 1 1 . (original) The security system of claim 10 5 wherein the device identifier is a hash 

2 code of the unique first standard certificate. 

1 12, (original) The security system of claim 10, wherein the door identifier is a simple 

2 identifier and it is communicated without encryption. 

1 13. (original) The security system of claim 1 0, wherein the any one door further 

2 possesses a unique second standard certificate 

1 14. (original) The security system of claim 13, wherein the door identifier is a hash code 

2 of the unique second standard certificate. 

1 15. (canceled) 



1 16 (currently amended) The security system of claim 10, wherein the unique first 
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1 standard certificate is having a private key part and the private key part is being 

2 encrypted with a first hiometric key; wherein the first bioraetric key belongs to a rightful 

3 owner of the computing device , wherein the any one computing device is further 

4 comprising a hiometric device, wherein the biometric device is capable of generating^ 

5 > !j metric kt 1 i i e se< < bj m t > I ej ' 1 n. ; isj fth ny one 

6 omputinudevu id lerein th > i> s ' ' i - ' : 1 \ * >_ ' -' [ ' 111? • i 

7 key part of the unique first standard certificate . 

1 17. (canceled) 

1 18. (original) The security system of claim 10, wherein the challenge by the any one door 

2 is successfully responded by demonstrati ng possession of a private key part of the unique 

3 first standard certificate. 

1 19. (original) The security sy stem of claim 1 0, wherein the any one door is further 

2 adapted to generate a shared secret key and communicate the shared key in private by 

3 using the public key part of the unique first standard certificate. 



20. (original) A computer data signal embodied in a carrier wave encoding a computer 
program of instructions for executing a computer process performing the steps for secure 
unlocking of a door based on a shared secret key, as recited in the steps of 
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communicating by a computing device to the door a device identifier; 

issuing a challenge by the door to the computing device, wherein the challenge is 
issued only on randomly selected occasions; 

responding to the challenge by the computing device by demonstrating possession 
of a private key part of a first standard certificate; 

responding by the door with a door identifier and with a message, wherein the 
message is encrypted with a second copy of the shared secret key, and wherein using the 
second copy of the shared secret key for encrypting the message resulted from 
recognizing the device identifier communicated by the computing device; 

responding by the computing device with a signal attesting decryption of the 
message, wherein the message has been decrypted in the computing device by the first 
copy of the shared secret key, and wherein using the first, copy of the shared secret key 
for decrypting the message resulted from recognizing the door identifier transmitted by 
the door; and 

unlocking the door upon recognizing validity of the signal attesting decryption of 
the message. 
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